syzkaller login: [ 339.752983][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 339.861347][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 339.956091][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. [ 360.199620][ T1859] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'. Warning: Permanently added '[localhost]:48990' (ECDSA) to the list of known hosts. 1970/01/01 00:06:46 fuzzer started 1970/01/01 00:07:00 dialing manager at localhost:35309 [ 427.984470][ T2039] cgroup: Unknown subsys name 'net' [ 429.181413][ T2039] cgroup: Unknown subsys name 'rlimit' 1970/01/01 00:07:08 syscalls: 2853 1970/01/01 00:07:08 code coverage: enabled 1970/01/01 00:07:08 comparison tracing: enabled 1970/01/01 00:07:08 extra coverage: enabled 1970/01/01 00:07:08 delay kcov mmap: mmap returned an invalid pointer 1970/01/01 00:07:08 setuid sandbox: enabled 1970/01/01 00:07:08 namespace sandbox: enabled 1970/01/01 00:07:08 Android sandbox: /sys/fs/selinux/policy does not exist 1970/01/01 00:07:08 fault injection: enabled 1970/01/01 00:07:08 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled 1970/01/01 00:07:08 net packet injection: enabled 1970/01/01 00:07:08 net device setup: enabled 1970/01/01 00:07:08 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist 1970/01/01 00:07:08 devlink PCI setup: PCI device 0000:00:10.0 is not available 1970/01/01 00:07:08 USB emulation: enabled 1970/01/01 00:07:08 hci packet injection: /dev/vhci does not exist 1970/01/01 00:07:08 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist 1970/01/01 00:07:08 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist 1970/01/01 00:07:09 fetching corpus: 0, signal 0/2000 (executing program) 1970/01/01 00:07:14 fetching corpus: 50, signal 40369/43598 (executing program) 1970/01/01 00:07:20 fetching corpus: 98, signal 54733/59182 (executing program) 1970/01/01 00:07:22 fetching corpus: 148, signal 64471/70062 (executing program) 1970/01/01 00:07:24 fetching corpus: 198, signal 75972/82432 (executing program) 1970/01/01 00:07:28 fetching corpus: 248, signal 85138/92357 (executing program) 1970/01/01 00:07:31 fetching corpus: 298, signal 98488/106068 (executing program) 1970/01/01 00:07:36 fetching corpus: 348, signal 105711/113843 (executing program) 1970/01/01 00:07:41 fetching corpus: 398, signal 111300/119933 (executing program) 1970/01/01 00:07:43 fetching corpus: 447, signal 116498/125615 (executing program) 1970/01/01 00:07:47 fetching corpus: 497, signal 121604/131066 (executing program) 1970/01/01 00:07:49 fetching corpus: 546, signal 124862/134811 (executing program) 1970/01/01 00:07:52 fetching corpus: 596, signal 129229/139538 (executing program) 1970/01/01 00:07:55 fetching corpus: 646, signal 134046/144470 (executing program) 1970/01/01 00:07:58 fetching corpus: 696, signal 137310/148068 (executing program) 1970/01/01 00:08:01 fetching corpus: 745, signal 142181/152930 (executing program) 1970/01/01 00:08:03 fetching corpus: 794, signal 143875/155031 (executing program) 1970/01/01 00:08:05 fetching corpus: 844, signal 145923/157385 (executing program) 1970/01/01 00:08:08 fetching corpus: 894, signal 149619/161095 (executing program) 1970/01/01 00:08:09 fetching corpus: 944, signal 152472/164037 (executing program) 1970/01/01 00:08:13 fetching corpus: 994, signal 155548/167100 (executing program) 1970/01/01 00:08:16 fetching corpus: 1044, signal 159756/170972 (executing program) 1970/01/01 00:08:18 fetching corpus: 1094, signal 162389/173562 (executing program) 1970/01/01 00:08:21 fetching corpus: 1144, signal 165088/176166 (executing program) 1970/01/01 00:08:23 fetching corpus: 1194, signal 168119/178991 (executing program) 1970/01/01 00:08:26 fetching corpus: 1243, signal 170079/180886 (executing program) 1970/01/01 00:08:28 fetching corpus: 1293, signal 173854/184099 (executing program) 1970/01/01 00:08:32 fetching corpus: 1343, signal 176388/186321 (executing program) 1970/01/01 00:08:34 fetching corpus: 1393, signal 178290/188059 (executing program) 1970/01/01 00:08:37 fetching corpus: 1443, signal 181189/190491 (executing program) 1970/01/01 00:08:40 fetching corpus: 1493, signal 184946/193492 (executing program) 1970/01/01 00:08:44 fetching corpus: 1541, signal 186546/194895 (executing program) 1970/01/01 00:08:49 fetching corpus: 1591, signal 188542/196549 (executing program) 1970/01/01 00:08:53 fetching corpus: 1639, signal 190238/197943 (executing program) 1970/01/01 00:08:56 fetching corpus: 1689, signal 192129/199424 (executing program) 1970/01/01 00:09:00 fetching corpus: 1739, signal 195002/201588 (executing program) 1970/01/01 00:09:01 fetching corpus: 1788, signal 197100/203180 (executing program) 1970/01/01 00:09:04 fetching corpus: 1836, signal 199575/204974 (executing program) 1970/01/01 00:09:07 fetching corpus: 1886, signal 202519/207040 (executing program) 1970/01/01 00:09:09 fetching corpus: 1936, signal 203732/207935 (executing program) 1970/01/01 00:09:12 fetching corpus: 1986, signal 204645/208614 (executing program) 1970/01/01 00:09:15 fetching corpus: 2036, signal 206442/209812 (executing program) 1970/01/01 00:09:17 fetching corpus: 2083, signal 208031/210855 (executing program) 1970/01/01 00:09:19 fetching corpus: 2133, signal 210043/212101 (executing program) 1970/01/01 00:09:21 fetching corpus: 2183, signal 211379/212904 (executing program) 1970/01/01 00:09:26 fetching corpus: 2224, signal 212602/213647 (executing program) 1970/01/01 00:09:26 fetching corpus: 2225, signal 212658/213728 (executing program) 1970/01/01 00:09:26 fetching corpus: 2225, signal 212658/213758 (executing program) 1970/01/01 00:09:27 fetching corpus: 2225, signal 212658/213794 (executing program) 1970/01/01 00:09:27 fetching corpus: 2225, signal 212658/213821 (executing program) 1970/01/01 00:09:27 fetching corpus: 2225, signal 212658/213841 (executing program) 1970/01/01 00:09:27 fetching corpus: 2225, signal 212658/213869 (executing program) 1970/01/01 00:09:27 fetching corpus: 2225, signal 212658/213892 (executing program) 1970/01/01 00:09:28 fetching corpus: 2225, signal 212658/213920 (executing program) 1970/01/01 00:09:28 fetching corpus: 2225, signal 212671/213960 (executing program) 1970/01/01 00:09:28 fetching corpus: 2225, signal 212671/213976 (executing program) 1970/01/01 00:09:28 fetching corpus: 2225, signal 212671/214002 (executing program) 1970/01/01 00:09:28 fetching corpus: 2225, signal 212671/214030 (executing program) 1970/01/01 00:09:29 fetching corpus: 2225, signal 212671/214048 (executing program) 1970/01/01 00:09:29 fetching corpus: 2225, signal 212671/214074 (executing program) 1970/01/01 00:09:29 fetching corpus: 2225, signal 212671/214101 (executing program) 1970/01/01 00:09:29 fetching corpus: 2225, signal 212671/214127 (executing program) 1970/01/01 00:09:29 fetching corpus: 2225, signal 212671/214156 (executing program) 1970/01/01 00:09:29 fetching corpus: 2225, signal 212671/214179 (executing program) 1970/01/01 00:09:30 fetching corpus: 2225, signal 212671/214219 (executing program) 1970/01/01 00:09:30 fetching corpus: 2225, signal 212671/214243 (executing program) 1970/01/01 00:09:30 fetching corpus: 2225, signal 212671/214261 (executing program) 1970/01/01 00:09:30 fetching corpus: 2225, signal 212671/214287 (executing program) 1970/01/01 00:09:30 fetching corpus: 2225, signal 212671/214307 (executing program) 1970/01/01 00:09:30 fetching corpus: 2225, signal 212671/214320 (executing program) 1970/01/01 00:09:31 fetching corpus: 2225, signal 212671/214345 (executing program) 1970/01/01 00:09:31 fetching corpus: 2225, signal 212671/214371 (executing program) 1970/01/01 00:09:31 fetching corpus: 2225, signal 212673/214402 (executing program) 1970/01/01 00:09:31 fetching corpus: 2225, signal 212673/214434 (executing program) 1970/01/01 00:09:31 fetching corpus: 2225, signal 212673/214454 (executing program) 1970/01/01 00:09:31 fetching corpus: 2225, signal 212673/214478 (executing program) 1970/01/01 00:09:32 fetching corpus: 2225, signal 212673/214503 (executing program) 1970/01/01 00:09:32 fetching corpus: 2225, signal 212673/214523 (executing program) 1970/01/01 00:09:32 fetching corpus: 2225, signal 212673/214549 (executing program) 1970/01/01 00:09:32 fetching corpus: 2225, signal 212678/214585 (executing program) 1970/01/01 00:09:32 fetching corpus: 2225, signal 212678/214605 (executing program) 1970/01/01 00:09:32 fetching corpus: 2225, signal 212678/214618 (executing program) 1970/01/01 00:09:32 fetching corpus: 2225, signal 212678/214636 (executing program) 1970/01/01 00:09:33 fetching corpus: 2225, signal 212678/214671 (executing program) 1970/01/01 00:09:33 fetching corpus: 2225, signal 212678/214699 (executing program) 1970/01/01 00:09:33 fetching corpus: 2225, signal 212678/214724 (executing program) 1970/01/01 00:09:33 fetching corpus: 2225, signal 212678/214749 (executing program) 1970/01/01 00:09:33 fetching corpus: 2225, signal 212678/214775 (executing program) 1970/01/01 00:09:33 fetching corpus: 2225, signal 212678/214805 (executing program) 1970/01/01 00:09:34 fetching corpus: 2225, signal 212679/214825 (executing program) 1970/01/01 00:09:34 fetching corpus: 2225, signal 212679/214867 (executing program) 1970/01/01 00:09:34 fetching corpus: 2225, signal 212679/214892 (executing program) 1970/01/01 00:09:34 fetching corpus: 2225, signal 212679/214911 (executing program) 1970/01/01 00:09:34 fetching corpus: 2225, signal 212679/214936 (executing program) 1970/01/01 00:09:35 fetching corpus: 2225, signal 212679/214955 (executing program) 1970/01/01 00:09:35 fetching corpus: 2225, signal 212679/214982 (executing program) 1970/01/01 00:09:35 fetching corpus: 2225, signal 212679/215006 (executing program) 1970/01/01 00:09:35 fetching corpus: 2225, signal 212679/215032 (executing program) 1970/01/01 00:09:35 fetching corpus: 2225, signal 212679/215053 (executing program) 1970/01/01 00:09:35 fetching corpus: 2225, signal 212679/215076 (executing program) 1970/01/01 00:09:36 fetching corpus: 2225, signal 212679/215092 (executing program) 1970/01/01 00:09:36 fetching corpus: 2225, signal 212679/215118 (executing program) 1970/01/01 00:09:36 fetching corpus: 2225, signal 212679/215153 (executing program) 1970/01/01 00:09:36 fetching corpus: 2225, signal 212679/215215 (executing program) 1970/01/01 00:09:36 fetching corpus: 2225, signal 212679/215239 (executing program) 1970/01/01 00:09:36 fetching corpus: 2225, signal 212679/215265 (executing program) 1970/01/01 00:09:36 fetching corpus: 2225, signal 212679/215298 (executing program) 1970/01/01 00:09:37 fetching corpus: 2225, signal 212679/215316 (executing program) 1970/01/01 00:09:37 fetching corpus: 2225, signal 212679/215316 (executing program) 1970/01/01 00:11:35 starting 2 fuzzer processes 00:11:35 executing program 0: r0 = socket$nl_crypto(0x10, 0x3, 0x15) getsockopt$netlink(r0, 0x10e, 0x3, 0x0, &(0x7f0000000140)) 00:11:35 executing program 1: r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) getsockopt(r0, 0xff, 0x0, 0x0, &(0x7f00000000c0)) [ 723.165060][ T2048] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 723.316156][ T2048] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 726.830509][ T2047] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 726.936375][ T2047] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 739.454032][ T2048] device hsr_slave_0 entered promiscuous mode [ 739.514896][ T2048] device hsr_slave_1 entered promiscuous mode [ 743.216684][ T2047] device hsr_slave_0 entered promiscuous mode [ 743.244690][ T2047] device hsr_slave_1 entered promiscuous mode [ 743.274720][ T2047] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 743.282645][ T2047] Cannot create hsr debugfs directory [ 749.265474][ T2048] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 749.434715][ T2048] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 749.733341][ T2048] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 750.245797][ T2048] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 751.351649][ T2047] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 751.544815][ T2047] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 751.942984][ T2047] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 752.253295][ T2047] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 760.202785][ T2048] [ 760.204065][ T2048] ============================= [ 760.205479][ T2048] WARNING: suspicious RCU usage [ 760.260420][ T2048] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted [ 760.262798][ T2048] ----------------------------- [ 760.264007][ T2048] net/ipv6/addrconf.c:3140 suspicious rcu_dereference_protected() usage! [ 760.266085][ T2048] [ 760.266085][ T2048] other info that might help us debug this: [ 760.266085][ T2048] [ 760.291973][ T2048] [ 760.291973][ T2048] rcu_scheduler_active = 2, debug_locks = 1 [ 760.294391][ T2048] 1 lock held by syz-executor.1/2048: [ 760.295969][ T2048] #0: 000000c00135d600 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0 [ 760.313916][ T2048] [ 760.313916][ T2048] stack backtrace: [ 760.315755][ T2048] CPU: 0 PID: 2048 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 760.318462][ T2048] Hardware name: riscv-virtio,qemu (DT) [ 760.320318][ T2048] Call Trace: [ 760.321719][ T2048] [] dump_backtrace+0x2e/0x3c [ 760.323804][ T2048] [] show_stack+0x34/0x40 [ 760.325621][ T2048] [] dump_stack_lvl+0xe4/0x150 [ 760.327291][ T2048] [] dump_stack+0x1c/0x24 [ 760.329136][ T2048] [] lockdep_rcu_suspicious+0x106/0x118 [ 760.331102][ T2048] [] add_v4_addrs+0x566/0x640 [ 760.332993][ T2048] [] addrconf_notify+0x784/0x1360 [ 760.334683][ T2048] [] notifier_call_chain+0xb8/0x188 [ 760.336650][ T2048] [] raw_notifier_call_chain+0x2a/0x38 [ 760.338802][ T2048] [] call_netdevice_notifiers_info+0x9e/0x10c [ 760.341037][ T2048] [] __dev_notify_flags+0x108/0x1fa [ 760.342876][ T2048] [] dev_change_flags+0x9c/0xba [ 760.344634][ T2048] [] do_setlink+0x5d6/0x21c4 [ 760.345952][ T2048] [] __rtnl_newlink+0x99e/0xfa0 [ 760.347671][ T2048] [] rtnl_newlink+0x60/0x8c [ 760.349287][ T2048] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 760.350980][ T2048] [] netlink_rcv_skb+0xf8/0x2be [ 760.352675][ T2048] [] rtnetlink_rcv+0x26/0x30 [ 760.354486][ T2048] [] netlink_unicast+0x40e/0x5fe [ 760.356113][ T2048] [] netlink_sendmsg+0x4e0/0x994 [ 760.357479][ T2048] [] sock_sendmsg+0xa0/0xc4 [ 760.359407][ T2048] [] __sys_sendto+0x1f2/0x2e0 [ 760.361293][ T2048] [] sys_sendto+0x3e/0x52 [ 760.363378][ T2048] [] ret_from_syscall+0x0/0x2 [ 760.502166][ T2048] [ 760.503383][ T2048] ============================= [ 760.504625][ T2048] WARNING: suspicious RCU usage [ 760.505870][ T2048] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted [ 760.533882][ T2048] ----------------------------- [ 760.535228][ T2048] include/linux/inetdevice.h:249 suspicious rcu_dereference_protected() usage! [ 760.536508][ T2048] [ 760.536508][ T2048] other info that might help us debug this: [ 760.536508][ T2048] [ 760.563130][ T2048] [ 760.563130][ T2048] rcu_scheduler_active = 2, debug_locks = 1 [ 760.565087][ T2048] 1 lock held by syz-executor.1/2048: [ 760.566207][ T2048] #0: 000000c00135d600 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0 [ 760.613066][ T2048] [ 760.613066][ T2048] stack backtrace: [ 760.614650][ T2048] CPU: 0 PID: 2048 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 760.616943][ T2048] Hardware name: riscv-virtio,qemu (DT) [ 760.618458][ T2048] Call Trace: [ 760.619619][ T2048] [] dump_backtrace+0x2e/0x3c [ 760.621592][ T2048] [] show_stack+0x34/0x40 [ 760.623398][ T2048] [] dump_stack_lvl+0xe4/0x150 [ 760.625462][ T2048] [] dump_stack+0x1c/0x24 [ 760.627673][ T2048] [] lockdep_rcu_suspicious+0x106/0x118 [ 760.630109][ T2048] [] add_v4_addrs+0x394/0x640 [ 760.632175][ T2048] [] addrconf_notify+0x784/0x1360 [ 760.634502][ T2048] [] notifier_call_chain+0xb8/0x188 [ 760.637121][ T2048] [] raw_notifier_call_chain+0x2a/0x38 [ 760.638880][ T2048] [] call_netdevice_notifiers_info+0x9e/0x10c [ 760.640612][ T2048] [] __dev_notify_flags+0x108/0x1fa [ 760.642320][ T2048] [] dev_change_flags+0x9c/0xba [ 760.643981][ T2048] [] do_setlink+0x5d6/0x21c4 [ 760.645498][ T2048] [] __rtnl_newlink+0x99e/0xfa0 [ 760.647238][ T2048] [] rtnl_newlink+0x60/0x8c [ 760.648961][ T2048] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 760.650746][ T2048] [] netlink_rcv_skb+0xf8/0x2be [ 760.653072][ T2048] [] rtnetlink_rcv+0x26/0x30 [ 760.654920][ T2048] [] netlink_unicast+0x40e/0x5fe [ 760.656502][ T2048] [] netlink_sendmsg+0x4e0/0x994 [ 760.658097][ T2048] [] sock_sendmsg+0xa0/0xc4 [ 760.659748][ T2048] [] __sys_sendto+0x1f2/0x2e0 [ 760.661545][ T2048] [] sys_sendto+0x3e/0x52 [ 760.663184][ T2048] [] ret_from_syscall+0x0/0x2 [ 760.850578][ T2048] [ 760.851726][ T2048] ============================= [ 760.853030][ T2048] WARNING: suspicious RCU usage [ 760.854451][ T2048] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted [ 760.856107][ T2048] ----------------------------- [ 760.890284][ T2048] net/ipv6/addrconf.c:3140 suspicious rcu_dereference_protected() usage! [ 760.892250][ T2048] [ 760.892250][ T2048] other info that might help us debug this: [ 760.892250][ T2048] [ 760.894342][ T2048] [ 760.894342][ T2048] rcu_scheduler_active = 2, debug_locks = 1 [ 760.896308][ T2048] 1 lock held by syz-executor.1/2048: [ 760.922552][ T2048] #0: 000000c00135d600 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0 [ 760.926552][ T2048] [ 760.926552][ T2048] stack backtrace: [ 760.949421][ T2048] CPU: 0 PID: 2048 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 760.951147][ T2048] Hardware name: riscv-virtio,qemu (DT) [ 760.952217][ T2048] Call Trace: [ 760.952970][ T2048] [] dump_backtrace+0x2e/0x3c [ 760.954431][ T2048] [] show_stack+0x34/0x40 [ 760.955665][ T2048] [] dump_stack_lvl+0xe4/0x150 [ 760.957032][ T2048] [] dump_stack+0x1c/0x24 [ 760.959159][ T2048] [] lockdep_rcu_suspicious+0x106/0x118 [ 760.960462][ T2048] [] add_v4_addrs+0x5e2/0x640 [ 760.961701][ T2048] [] addrconf_notify+0x784/0x1360 [ 760.963092][ T2048] [] notifier_call_chain+0xb8/0x188 [ 760.964812][ T2048] [] raw_notifier_call_chain+0x2a/0x38 [ 760.966766][ T2048] [] call_netdevice_notifiers_info+0x9e/0x10c [ 760.968569][ T2048] [] __dev_notify_flags+0x108/0x1fa [ 760.970521][ T2048] [] dev_change_flags+0x9c/0xba [ 760.972158][ T2048] [] do_setlink+0x5d6/0x21c4 [ 760.973808][ T2048] [] __rtnl_newlink+0x99e/0xfa0 [ 760.975109][ T2048] [] rtnl_newlink+0x60/0x8c [ 760.976774][ T2048] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 760.978853][ T2048] [] netlink_rcv_skb+0xf8/0x2be [ 760.980605][ T2048] [] rtnetlink_rcv+0x26/0x30 [ 760.982389][ T2048] [] netlink_unicast+0x40e/0x5fe [ 760.984157][ T2048] [] netlink_sendmsg+0x4e0/0x994 [ 760.985924][ T2048] [] sock_sendmsg+0xa0/0xc4 [ 760.987832][ T2048] [] __sys_sendto+0x1f2/0x2e0 [ 760.989427][ T2048] [] sys_sendto+0x3e/0x52 [ 760.991093][ T2048] [] ret_from_syscall+0x0/0x2 [ 761.449070][ T2048] [ 761.450117][ T2048] ============================= [ 761.450973][ T2048] WARNING: suspicious RCU usage [ 761.451844][ T2048] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted [ 761.452873][ T2048] ----------------------------- [ 761.453711][ T2048] include/net/addrconf.h:313 suspicious rcu_dereference_check() usage! [ 761.454910][ T2048] [ 761.454910][ T2048] other info that might help us debug this: [ 761.454910][ T2048] [ 761.495556][ T2048] [ 761.495556][ T2048] rcu_scheduler_active = 2, debug_locks = 1 [ 761.499614][ T2048] 1 lock held by syz-executor.1/2048: [ 761.501094][ T2048] #0: 000000c00135d600 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0 [ 761.536488][ T2048] [ 761.536488][ T2048] stack backtrace: [ 761.539433][ T2048] CPU: 0 PID: 2048 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 761.540851][ T2048] Hardware name: riscv-virtio,qemu (DT) [ 761.541711][ T2048] Call Trace: [ 761.542517][ T2048] [] dump_backtrace+0x2e/0x3c [ 761.543815][ T2048] [] show_stack+0x34/0x40 [ 761.544958][ T2048] [] dump_stack_lvl+0xe4/0x150 [ 761.546689][ T2048] [] dump_stack+0x1c/0x24 [ 761.548069][ T2048] [] lockdep_rcu_suspicious+0x106/0x118 [ 761.550241][ T2048] [] ipv6_mc_netdev_event+0x29c/0x4a8 [ 761.552237][ T2048] [] notifier_call_chain+0xb8/0x188 [ 761.554098][ T2048] [] raw_notifier_call_chain+0x2a/0x38 [ 761.555952][ T2048] [] call_netdevice_notifiers_info+0x9e/0x10c [ 761.557913][ T2048] [] __dev_notify_flags+0x108/0x1fa [ 761.559718][ T2048] [] dev_change_flags+0x9c/0xba [ 761.561233][ T2048] [] do_setlink+0x5d6/0x21c4 [ 761.562771][ T2048] [] __rtnl_newlink+0x99e/0xfa0 [ 761.564323][ T2048] [] rtnl_newlink+0x60/0x8c [ 761.565811][ T2048] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 761.567460][ T2048] [] netlink_rcv_skb+0xf8/0x2be [ 761.568858][ T2048] [] rtnetlink_rcv+0x26/0x30 [ 761.570454][ T2048] [] netlink_unicast+0x40e/0x5fe [ 761.571940][ T2048] [] netlink_sendmsg+0x4e0/0x994 [ 761.573581][ T2048] [] sock_sendmsg+0xa0/0xc4 [ 761.575211][ T2048] [] __sys_sendto+0x1f2/0x2e0 [ 761.576683][ T2048] [] sys_sendto+0x3e/0x52 [ 761.578245][ T2048] [] ret_from_syscall+0x0/0x2 [ 761.705382][ T2048] [ 761.706596][ T2048] ============================= [ 761.720990][ T2048] WARNING: suspicious RCU usage [ 761.722210][ T2048] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted [ 761.723597][ T2048] ----------------------------- [ 761.724220][ T2048] net/8021q/vlan.c:392 suspicious rcu_dereference_protected() usage! [ 761.725170][ T2048] [ 761.725170][ T2048] other info that might help us debug this: [ 761.725170][ T2048] [ 761.726083][ T2048] [ 761.726083][ T2048] rcu_scheduler_active = 2, debug_locks = 1 [ 761.726958][ T2048] 1 lock held by syz-executor.1/2048: [ 761.752032][ T2048] #0: 000000c00135d600 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0 [ 761.782491][ T2048] [ 761.782491][ T2048] stack backtrace: [ 761.784544][ T2048] CPU: 0 PID: 2048 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 761.787672][ T2048] Hardware name: riscv-virtio,qemu (DT) [ 761.789611][ T2048] Call Trace: [ 761.790988][ T2048] [] dump_backtrace+0x2e/0x3c [ 761.793394][ T2048] [] show_stack+0x34/0x40 [ 761.795474][ T2048] [] dump_stack_lvl+0xe4/0x150 [ 761.797632][ T2048] [] dump_stack+0x1c/0x24 [ 761.799833][ T2048] [] lockdep_rcu_suspicious+0x106/0x118 [ 761.802330][ T2048] [] vlan_device_event+0x364/0x1434 [ 761.804622][ T2048] [] notifier_call_chain+0xb8/0x188 [ 761.807138][ T2048] [] raw_notifier_call_chain+0x2a/0x38 [ 761.809468][ T2048] [] call_netdevice_notifiers_info+0x9e/0x10c [ 761.811975][ T2048] [] __dev_notify_flags+0x108/0x1fa [ 761.814423][ T2048] [] dev_change_flags+0x9c/0xba [ 761.816438][ T2048] [] do_setlink+0x5d6/0x21c4 [ 761.818527][ T2048] [] __rtnl_newlink+0x99e/0xfa0 [ 761.820451][ T2048] [] rtnl_newlink+0x60/0x8c [ 761.822432][ T2048] [] rtnetlink_rcv_msg+0x338/0x9a0 [ 761.824505][ T2048] [] netlink_rcv_skb+0xf8/0x2be [ 761.826531][ T2048] [] rtnetlink_rcv+0x26/0x30 [ 761.828338][ T2048] [] netlink_unicast+0x40e/0x5fe [ 761.830350][ T2048] [] netlink_sendmsg+0x4e0/0x994 [ 761.832440][ T2048] [] sock_sendmsg+0xa0/0xc4 [ 761.834384][ T2048] [] __sys_sendto+0x1f2/0x2e0 [ 761.836340][ T2048] [] sys_sendto+0x3e/0x52 [ 761.838177][ T2048] [] ret_from_syscall+0x0/0x2 [ 761.996881][ T2048] [ 761.998124][ T2048] ===================================== [ 761.999265][ T2048] WARNING: bad unlock balance detected! [ 762.000512][ T2048] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted [ 762.002267][ T2048] ------------------------------------- [ 762.003665][ T2048] syz-executor.1/2048 is trying to release lock (rtnl_mutex) at: [ 762.005872][ T2048] [] __rtnl_unlock+0x34/0x80 [ 762.007748][ T2048] but there are no more locks to release! [ 762.009106][ T2048] [ 762.009106][ T2048] other info that might help us debug this: [ 762.010661][ T2048] 1 lock held by syz-executor.1/2048: [ 762.011751][ T2048] #0: 000000c00135d600 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0 [ 762.014791][ T2048] [ 762.014791][ T2048] stack backtrace: [ 762.016053][ T2048] CPU: 0 PID: 2048 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 [ 762.018068][ T2048] Hardware name: riscv-virtio,qemu (DT) [ 762.019286][ T2048] Call Trace: [ 762.020247][ T2048] [] dump_backtrace+0x2e/0x3c [ 762.021824][ T2048] [] show_stack+0x34/0x40 [ 762.023328][ T2048] [] dump_stack_lvl+0xe4/0x150 [ 762.024499][ T2048] [] dump_stack+0x1c/0x24 [ 762.026080][ T2048] [] print_unlock_imbalance_bug.part.0+0xc4/0xd2 [ 762.027993][ T2048] [] lock_release+0x4fe/0x614 [ 762.029827][ T2048] [] __mutex_unlock_slowpath+0xa4/0x3a2 [ 762.031781][ T2048] [] mutex_unlock+0xe/0x16 [ 762.033403][ T2048] [] __rtnl_unlock+0x34/0x80 [ 762.035128][ T2048] [] netdev_run_todo+0x1ee/0x752 [ 762.037117][ T2048] [] rtnetlink_rcv_msg+0x346/0x9a0 [ 762.038969][ T2048] [] netlink_rcv_skb+0xf8/0x2be [ 762.040681][ T2048] [] rtnetlink_rcv+0x26/0x30 [ 762.042125][ T2048] [] netlink_unicast+0x40e/0x5fe [ 762.043696][ T2048] [] netlink_sendmsg+0x4e0/0x994 [ 762.045318][ T2048] [] sock_sendmsg+0xa0/0xc4 [ 762.046967][ T2048] [] __sys_sendto+0x1f2/0x2e0 [ 762.048298][ T2048] [] sys_sendto+0x3e/0x52 [ 762.049670][ T2048] [] ret_from_syscall+0x0/0x2 [ 763.132381][ T2048] 8021q: adding VLAN 0 to HW filter on device bond0 [ 763.834371][ T2435] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 763.870652][ T2435] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready [ 765.496580][ T2047] 8021q: adding VLAN 0 to HW filter on device bond0 [ 765.921224][ T2012] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready [ 765.934292][ T2012] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready VM DIAGNOSIS: 16:25:23 Registers: info registers vcpu 0 pc ffffffff800055ee mhartid 0000000000000000 mstatus 0000000000000180 mip 00000000000000a2 mie 000000000000022a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff800055d8 sepc ffffffff800055ee mcause 8000000000000003 scause 000000000000000f mtval 0000000000000000 stval 000000c00135d4e8 x0/zero 0000000000000000 x1/ra e036085643ef6e00 x2/sp 000000c00135d4e0 x3/gp ffffaf800be5c8c0 x4/tp ffffaf800be5d2e0 x5/t0 0000000000046000 x6/t1 ffffaf800be5d498 x7/t2 0000000000001fff x8/s0 000000c00135d600 x9/s1 0000000000044120 x10/a0 0000000000000001 x11/a1 00000000000c2015 x12/a2 0000000000000015 x13/a3 ffffffff86c1a620 x14/a4 ffffaf800e47c0c0 x15/a5 ffffffff80112b3e x16/a6 ffffffffffffffff x17/a7 0000000000000016 x18/s2 0000000000082d44 x19/s3 0000000000082d44 x20/s4 000000000000000c x21/s5 ffffaf800be5d2e0 x22/s6 ffffaf800e47c040 x23/s7 000000006515a3e2 x24/s8 ffffaf800be5d2e0 x25/s9 000000000000000b x26/s10 1ffff5f001c8f7fc x27/s11 0000000000000000 x28/t3 ffffaf800be5d4b8 x29/t4 0000000000000015 x30/t5 000000c00114912f x31/t6 0000000000082960 f0/ft0 0000000000000000 f1/ft1 40b7084da78b2373 f2/ft2 416b752c00000000 f3/ft3 403a000000000000 f4/ft4 4124251000000000 f5/ft5 40383f782d7204d0 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000 info registers vcpu 1 pc ffffffff8010b22c mhartid 0000000000000001 mstatus 00000000000001a0 mip 00000000000000a0 mie 000000000000020a mideleg 0000000000000222 medeleg 000000000000b109 mtvec 0000000080000540 stvec ffffffff800055d4 mepc ffffffff80200f48 sepc ffffffff80200f48 mcause 8000000000000007 scause 8000000000000005 mtval 0000000000000000 stval 0000000000000000 x0/zero 0000000000000000 x1/ra ffffffff831a18d8 x2/sp ffffaf800e47e0c0 x3/gp ffffffff85863ac0 x4/tp ffffaf800be5c8c0 x5/t0 0000000000046000 x6/t1 ffffffff8545ae40 x7/t2 0000000000000000 x8/s0 ffffaf800e47e0d0 x9/s1 0000000000001000 x10/a0 0000000000000120 x11/a1 ffffffffffffffff x12/a2 1ffff5f0017cb919 x13/a3 ffffffff80146d84 x14/a4 0000000000010001 x15/a5 0000000000000000 x16/a6 0000000000f00000 x17/a7 ffffffffffffffff x18/s2 ffffaf800be5c8c0 x19/s3 ffffffff84b73ec0 x20/s4 ffffffff8588a420 x21/s5 ffffffff8343c840 x22/s6 ffffffffffffffff x23/s7 ffffffff86c1a620 x24/s8 ffffffff86c1a620 x25/s9 ffffaf805a9cbd50 x26/s10 ffffaf805a9cb400 x27/s11 ffffffff8018e412 x28/t3 fffffffff3f3f300 x29/t4 fffffffef0d81e13 x30/t5 fffffffef0d81e1a x31/t6 ffffffff858c066c f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000